RECON

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher's home. This post examines...

🔐 User Flag — Compromising the Application Layer Successfully rooted the Guardian (Hard) machine on Hack The Box by chaining multiple real-world web vulnerabilities.Initial access was achieved through credential abuse and IDOR within the student portal. Leaked chat credentials exposed internal Gitea repositories containing hardcoded database secrets. A vulnerable XLSX file upload feature allowed formula injection → XSS → session hijacking. Leveraging CSRF, I created a rogue admin account and ...

TL;DR: Tag des offenen Hackspace am 28. März – besuche einen Hackspace in deiner Nähe ! Hackspaces sind Gemeinschaftsräume, die dem Spaß, der Kunst, dem Politischen und vor allem dem sozialen Austausch gewidmet sind. Um das mit den eigenen Sinnen zu erfahren, besuch doch am Samstag, dem 28. März einen Hackspace in deiner Nähe! Hier findest du eine Liste mit Spaces, die an diesem Tag teilnehmen und ihre Türen öffnen: https://md.ccc-mannheim.de/s/tdoh-spaces26 Was gibt es? Neben den Räumlichkei...

There is a trick that is spreading through social media. If you block the claude user on GitHub, then each time you visit a GitHub repository that has commits by this user you get a banner at the top alerting you of the user's participation. It's an easy way to spot projects that have started to rely on coding agents, in this case on Claude Code specifically. Imagine the surprise when you see that CPython , one of the most popular open-source projects in the world, is now receiving contributi...

The End of Feedback

A detailed look at France’s favorite “Social Casino” and how to stay protected in the 2026 iGaming landscape. As we move further into 2026, the online gambling sector has shifted from simple entertainment to high-tech ecosystems. Betify has led this charge in France, integrating social gaming, crypto-readiness, and AI-driven support. However, with sophisticated features comes […]

Hackers Exploit Windows File Explorer and WebDAV to Distribute Malware    GBHackers News